TrendAI Zero Day Initiative Drives Remediation Efforts at Pwn2Own Berlin

Ethical Hackers Earn Over $1.2 Million at Pwn2Own Berlin

DALLAS, May 18, 2026 – TrendAI, a cybersecurity division of Trend Micro Incorporated, celebrated the achievements of ethical hackers at the recent Pwn2Own Berlin event. Contestants successfully discovered and disclosed a total of 47 unique zero-day vulnerabilities across various software categories, earning over $1.2 million in prizes. This event highlights the critical importance of proactive cybersecurity measures in an increasingly digital world.

Pwn2Own Berlin: A Platform for Ethical Hacking

Pwn2Own is a renowned hacking competition that invites security researchers to identify vulnerabilities in widely used software and hardware. The event serves not only as a challenge but also as a platform for ethical hackers to showcase their skills while contributing to the security landscape. This year marked NVIDIA’s debut as a sponsor, introducing specific product categories for researchers to target, including Megatron Bridge and NV Container Toolkit.

During the competition, TrendAI utilized its Zero Day Initiative (ZDI) program to facilitate the responsible disclosure of vulnerabilities. This approach allows vendors to address security flaws before they can be exploited by malicious actors. Rachel Jin, Head of TrendAI, emphasized the importance of this initiative: “We use the vulnerabilities discovered at Pwn2Own to empower vendors to patch these vulnerabilities quickly, while also offering our customers protection well ahead of the rest of the industry via virtual patching.”

Highlights from the Competition

The Pwn2Own Berlin event showcased impressive feats by various teams and individuals who demonstrated exceptional skill in exploiting vulnerabilities. Some notable achievements included:

• Orange Tsai from DEVCORE Research Team earned $200,000 by chaining three bugs to achieve Remote Code Execution on Microsoft Exchange and an additional $175,000 for exploiting Microsoft Edge through four logic bugs.
• Splitline, also from DEVCORE, earned $100,000 by exploiting Microsoft SharePoint using two chained bugs.
• Nguyen Hoang Thach from STARLabs SG utilized a Memory Corruption bug to exploit VMware ESXi with Cross-tenant Code Execution add-on, securing $200,000 and 20 Master of Pwn points.
• Chompie from IBM X-Force Offensive Research exploited NV Container Toolkit with a single bug for a reward of $50,000.

A total prize pool of $1,298,250 was distributed among participants at this year’s event. The next iteration of this competition is scheduled for fall 2026 in Cork.

The Role of TrendAI in Cybersecurity

TrendAI plays a pivotal role in enhancing cybersecurity measures through its advanced threat intelligence capabilities. By analyzing vulnerabilities disclosed during events like Pwn2Own, TrendAI enables software vendors to address security issues rapidly. This proactive approach helps organizations mitigate risks before cybercriminals can exploit newly discovered weaknesses.

According to research conducted by TrendAI, many vendors have been slow to patch known vulnerabilities. The ZDI program aims to bridge this gap by ensuring that customers receive protection an average of three months ahead of broader industry responses. As AI tools become integral to business operations, maintaining robust cybersecurity practices is essential.

Looking Ahead: The Future of Cybersecurity Competitions

The success of Pwn2Own Berlin reinforces the necessity for ongoing collaboration between ethical hackers and software vendors. As technology continues to evolve rapidly, so too do the methods employed by cybercriminals. Events like Pwn2Own not only highlight existing vulnerabilities but also foster innovation among security researchers who are dedicated to improving global cybersecurity standards.

The partnership between TrendAI and NVIDIA exemplifies how collaboration can enhance security measures across different sectors. As both organizations continue to invest in research and development, it is likely that future competitions will yield even more significant advancements in vulnerability discovery and mitigation strategies.

What This Means

The outcomes from Pwn2Own Berlin underscore the critical need for robust cybersecurity practices amid increasing digital threats. Organizations must prioritize vulnerability management and engage with ethical hacking communities to stay ahead of potential exploits. The financial rewards offered during such competitions serve as an incentive for researchers while providing invaluable insights into improving software security protocols across industries.

For more information, read the original report here.